Friday, July 15, 2016



Complete DHS Report for July 15, 2016

Daily Report

Top Stories

• Severe thunderstorms that moved through Missouri and Illinois July 13 knocked out power to approximately 185,000 customers. – St. Louis Post-Dispatch

1. July 14, St. Louis Post-Dispatch – (Missouri; Illinois) No power for 100,000 in Missouri, Illinois after thunderstorms roar through area. Severe thunderstorms that moved through Missouri and Illinois July 13 knocked out power to approximately 185,000 customers following strong winds that took down power lines. Source: http://www.stltoday.com/news/local/metro/customers-without-power-as-thunderstorms-roar-across-st-louis-area/article_eda80e52-8d4a-5068-a250-d3fbe29ec316.html

• A fugitive pleaded guilty July 13 to defrauding around 800 investors out of an estimated $65 million in a Ponzi scheme where he and co-conspirators operated Cyprus Funds, Inc., to sell certificates of deposit and unregistered mutual funds in Latin America and the U.S. – U.S. Attorney’s Office, Northern District of Ohio

5. July 13, U.S. Attorney’s Office, Northern District of Ohio – (International) Longtime fugitive pleads guilty to stealing $65 million from hundreds of people. A fugitive, initially indicted in October 2003, pleaded guilty July 13 to defrauding around 800 investors out of an estimated $65 million in a Ponzi scheme where he and co-conspirators operated Doylestown, Ohio-based Cyprus Funds, Inc., to sell certificates of deposit and unregistered mutual funds in Latin America and the U.S. from 1995 – 1999. Source: https://www.justice.gov/usao-ndoh/pr/longtime-fugitive-eric-bartoli-pleads-guilty-stealing-65-million-hundreds-people

• A six-vehicle crash involving two semi-trucks and four other vehicles left one person dead, several others injured, and forced the closure of the westbound lanes of Interstate 84 in Montgomery, New York, for several hours July 13. – Middletown Times Herald-Record

6. July 14, Middletown Times Herald-Record – (New York) Police: One person dead, multiple injuries in six-vehicle crash on I-84. A six-vehicle crash involving two semi-trucks and four other vehicles left one person dead, several others injured, and forced the closure of the westbound lanes of Interstate 84 in Montgomery, New York, for several hours July 13. Source: http://www.recordonline.com/news/20160713/police-one-person-dead-multiple-injuries-in-six-vehicle-crash-on-i-84

• A malfunctioning pumping station at the Amsterdam water treatment plant in New York caused over 500,000 gallons of sewage to leak into the Mohawk River July 13. – WNYT 13 Albany

17. July 13, WNYT 13 Albany – (New York) 500,000 gallons of sewage spill into Mohawk River. The New York State Department of Environmental Conservation announced July 13 that a malfunctioning pumping station at the Amsterdam water treatment plant in New York caused over 500,000 gallons of sewage to leak into the Mohawk River. Officials stated that drinking water was not impacted by the spill. Source: http://wnyt.com/news/mohawk-river-sewage-spill-amsterdam/4198329/

Financial Services Sector

4. July 13, Courier of Montgomery County – (Texas) Two arrested for credit card fraud scheme. Two individuals were arrested and charged in Montgomery County, Texas, July 11 after authorities discovered approximately 100 stolen credit cards and a credit card embossing machine, among other illicit material, in the duo’s vehicle during a routine traffic stop. Source: http://www.yourhoustonnews.com/courier/news/two-arrested-for-credit-card-fraud-scheme/article_40ce2d27-4b12-53fc-8b70-508008f101e4.html

5. July 13, U.S. Attorney’s Office, Northern District of Ohio – (International) Longtime fugitive pleads guilty to stealing $65 million from hundreds of people. A fugitive, initially indicted in October 2003, pleaded guilty July 13 to defrauding around 800 investors out of an estimated $65 million in a Ponzi scheme where he and co-conspirators operated Doylestown, Ohio-based Cyprus Funds, Inc., to sell certificates of deposit and unregistered mutual funds in Latin America and the U.S. from 1995 – 1999. Source: https://www.justice.gov/usao-ndoh/pr/longtime-fugitive-eric-bartoli-pleads-guilty-stealing-65-million-hundreds-people

Information Technology Sector

22. July 14, IDG News Service – (International) Juniper patches high-risk flaws in Junos OS. Juniper Networks fixed several vulnerabilities in the Junos operating system (OS) used on its networking and security appliances, including an information leak in the J-Web interface, vulnerabilities that could lead to denial of service conditions, a potential kernel crash, a potential memory buffer (mbuf) leak, a crypto vulnerability, and an issue with SRX Series devices. Source: http://www.networkworld.com/article/3095812/juniper-patches-high-risk-flaws-in-junos-os.html

23. July 14, Softpedia – (International) Microsoft discovers new version of Troldesh ransomware. Microsoft Malware Protection Center researchers discovered a new version of the Troldesh ransomware, also known as Encoder.858 and Shade Ransomware, that contains new modifications including a dedicated payment portal where users can get information on how to pay the ransom, utilization of a Tor Web site, and two new extensions, “.da_vinci_code” and “.magic_software_syndicate,” which are added to the end of encrypted files. Source: http://news.softpedia.com/news/microsoft-discovers-new-version-of-troldesh-ransomware-506321.shtml

24. July 14, Softpedia – (International) Huge spam wave drops Locky variant that can work without an internet connection. F-Secure researchers examined a July 12 campaign utilizing the Locky ransomware where the group sent out 120,000 spam email messages every 2 hours in 2 instances of activity. Avira researchers also found that a new Locky variant works in “offline mode,” making it harder to block. Source: http://news.softpedia.com/news/huge-spam-wave-drops-locky-variant-that-can-work-without-an-internet-connection-506294.shtml

25. July 13, IDG News Service – (International) Three popular Drupal modules patch site-takeover flaws. Drupal, a content management system, worked with the maintainers of three third-party modules, RESTWS, Coder, and Webform Multiple File Upload, to address critical vulnerabilities that could allow attackers to take control of Web sites, including a flaw that allows attackers to execute rogue Hypertext Preprocessor (PHP) code on Web servers that host Drupal Web sites with the modules, as well as flaws that could lead to remote code execution (RCE). Source: http://www.computerworld.com/article/3095388/security/three-popular-drupal-modules-patch-site-takeover-flaws.html

26. July 13, Softpedia – (International) Ransomware permanently deletes your files then has the nerve to ask for money. Cisco Talos researchers discovered a new piece of ransomware dubbed Ranscam that deletes the victim’s files after infecting the computer, and removes core Microsoft Windows executables responsible for the System Restore feature, hard drive shadow copies, and several registry keys associated with booting into Safe Mode, among other modifications. Once the removal is complete, the ransomware shows its ransom note and falsely informs the victim that their files are encrypted and moved into a hidden partition. Source: http://news.softpedia.com/news/ransomware-permanently-deletes-your-files-then-has-the-nerve-to-ask-for-money-506289.shtml

Communications Sector

Nothing to report